Terraform module which creates a Domino deployment inside of GCP's GKE.
module "gke_cluster" {
source = "github.com/dominodatalab/terraform-gcp-gke"
cluster = "cluster-name"
}module "gke_cluster" {
source = "github.com/dominodatalab/terraform-gcp-gke"
cluster = "cluster-name"
project = "gcp-project"
location = "us-west1"
# Some more variables may need to be configured to meet specific needs
}-
Install gcloud and configure the Terraform workspace
gcloud auth application-default login terraform init terraform workspace new [your-cluster-name] -
With the environment setup, you can now apply the terraform module
terraform apply -auto-approve -
Be sure to cleanup the cluster after you are done working
terraform destroy -auto-approve
The following project IAM permissions must be granted to the provisioning user/service:
- Cloud KMS Admin
- Compute Admin
- Compute Instance Admin (v1)
- Compute Network Admin
- Kubernetes Engine Admin
- DNS Administrator
- Cloud Filestore Editor
- Security Admin
- Service Account Admin
- Service Account User
- Storage Admin
It may be possible to lower the "admin" privilage levels to a "creator" level if provisioning cleanup is not required. However, the permissions level for "creator-only" has not been tested. It is assume that a cluster creator can also cleanup (i.e. destroy) the cluster.
Please submit any feature enhancements, bug fixes, or ideas via pull requests or issues.